示例#1
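    def disableComodo():
        """Turn off the Comodo ModSecurity rule pack and restart the web server.

        On OpenLiteSpeed every line of ``conf/httpd_config.conf`` that mentions
        ``modsec/comodo`` is dropped. Otherwise the directory
        ``/usr/local/lsws/conf/comodo_litespeed`` is removed.

        Prints ``1,None`` on success and ``0,<error>`` on failure.
        """
        try:
            if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
                confFile = os.path.join(virtualHostUtilities.Server_root,
                                        "conf/httpd_config.conf")

                # Read the whole file and close the handle before the same path
                # is reopened for writing.
                with open(confFile) as reader:
                    confData = reader.readlines()

                kept = [line for line in confData
                        if line.find('modsec/comodo') == -1]

                # NOTE(review): the config is truncated in place, so a failure
                # part-way through leaves a partial server config. The context
                # manager at least guarantees the handle is flushed and closed.
                with open(confFile, 'w') as conf:
                    conf.writelines(kept)

                installUtilities.reStartLiteSpeed()
                print("1,None")
            else:
                try:
                    shutil.rmtree('/usr/local/lsws/conf/comodo_litespeed')
                except BaseException as msg:
                    # Best effort: a failed removal is logged and the restart
                    # still goes ahead.
                    logging.CyberCPLogFileWriter.writeToFile(
                        str(msg) + ' [disableComodo]')

                installUtilities.reStartLiteSpeed()
                print("1,None")

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [disableComodo]")
            print("0," + str(msg))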
示例#2
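    def saveModSecRules():
        """Install the staged ModSecurity rules as the live rules file.

        Reads ``modSec.tempRulesFile`` and writes its content to
        ``conf/modsec/rules.conf`` (OpenLiteSpeed) or ``conf/rules.conf``
        (otherwise) under ``virtualHostUtilities.Server_root``, then restarts
        the web server.

        Prints ``1,None`` on success and ``0,<error>`` on failure.
        """
        try:
            # NOTE(review): the staged file is a single fixed path filled in by a
            # separate caller. Confirm that only the panel user can create or
            # replace it; whatever sits there is copied into the WAF rule set.
            with open(modSec.tempRulesFile, 'r') as staged:
                data = staged.read()

            if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
                relativePath = "conf/modsec/rules.conf"
            else:
                relativePath = "conf/rules.conf"

            rulesFilePath = os.path.join(virtualHostUtilities.Server_root,
                                         relativePath)

            # The context manager closes the handle even when the write fails.
            with open(rulesFilePath, 'w') as rulesFile:
                rulesFile.write(data)

            installUtilities.reStartLiteSpeed()

            print("1,None")
            return

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [saveModSecRules]")
            print("0," + str(msg))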
示例#3
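    def enableRuleFile(fileName, packName):
        """Re-enable one rule file of a ModSecurity rule pack and restart the server.

        On OpenLiteSpeed the leading ``#`` characters are stripped from every
        line of ``conf/httpd_config.conf`` that mentions both
        ``modsec/<packName>`` and ``fileName``. Otherwise ``<fileName>.bak``
        under ``/usr/local/lsws/conf/comodo_litespeed/`` is renamed back to
        ``fileName`` through ``ProcessUtilities.executioner``.

        Prints ``1,None`` on success and ``0,<error>`` on failure, including
        when ``fileName`` is rejected by the name check.
        """
        try:
            # Imported locally because the module's import block is not part of
            # this excerpt.
            import re

            # fileName is spliced into a path and into a command string, so only
            # a relative name made of ordinary file-name characters is accepted:
            # no whitespace, quotes or shell punctuation, no leading '-' or '/',
            # and no '..' that would climb out of the rules directory.
            if (not re.match(r'^[A-Za-z0-9_][A-Za-z0-9._/-]*\Z', fileName)
                    or '..' in fileName):
                raise ValueError('Invalid rule file name.')

            if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
                confFile = os.path.join(virtualHostUtilities.Server_root,
                                        "conf/httpd_config.conf")

                # Close the read handle before reopening the path for writing.
                with open(confFile) as reader:
                    confData = reader.readlines()

                marker = 'modsec/' + packName

                with open(confFile, 'w') as conf:
                    for items in confData:
                        if items.find(marker) > -1 and items.find(fileName) > -1:
                            # Un-comment the include line for this rule file.
                            conf.write(items.lstrip('#'))
                        else:
                            conf.write(items)
            else:
                path = '/usr/local/lsws/conf/comodo_litespeed/'
                completePath = path + fileName
                completePathBak = path + fileName + '.bak'

                # Safe to concatenate only because fileName passed the check
                # above; how executioner runs the string is not visible here.
                command = 'mv ' + completePathBak + ' ' + completePath
                ProcessUtilities.executioner(command)

            installUtilities.reStartLiteSpeed()

            print("1,None")

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [enableRuleFile]")
            print("0," + str(msg))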
示例#4
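    def installOWASP():
        """Add the OWASP rule-set includes to the server config and restart.

        Calls ``modSec.setupOWASPRules()`` first and stops with an error line if
        it returns 0. Otherwise the include block below is written into
        ``conf/httpd_config.conf`` directly after each line that references
        ``/usr/local/lsws/conf/modsec/rules.conf``. The block is not inserted
        again when the config already contains ``modsec/owasp`` lines.

        Prints ``1,None`` on success and ``0,<error>`` on failure.
        """
        try:
            # NOTE(review): the error text suggests setupOWASPRules downloads the
            # rule set; confirm the source is pinned and the archive is verified
            # before its files are loaded into the WAF.
            if modSec.setupOWASPRules() == 0:
                print('0, Unable to download OWASP Rules.')
                return

            # REQUEST-920-PROTOCOL-ENFORCEMENT is shipped commented out in this
            # template; every other listed rule file is active.
            owaspRulesConf = """modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/modsecurity.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/crs-setup.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-901-INITIALIZATION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-910-IP-REPUTATION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-911-METHOD-ENFORCEMENT.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-912-DOS-PROTECTION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-913-SCANNER-DETECTION.conf
#modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-921-PROTOCOL-ATTACK.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-949-BLOCKING-EVALUATION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-950-DATA-LEAKAGES.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-959-BLOCKING-EVALUATION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-980-CORRELATION.conf
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
"""

            confFile = os.path.join(virtualHostUtilities.Server_root,
                                    "conf/httpd_config.conf")

            # Close the read handle before the same path is reopened for writing.
            with open(confFile) as reader:
                confData = reader.readlines()

            # A second install must not stack another copy of every include line.
            alreadyPresent = any(
                line.find('modsec/owasp') > -1 for line in confData)

            with open(confFile, 'w') as conf:
                for items in confData:
                    conf.write(items)
                    if (not alreadyPresent and items.find(
                            '/usr/local/lsws/conf/modsec/rules.conf') > -1):
                        conf.write(owaspRulesConf)

            installUtilities.reStartLiteSpeed()

            print("1,None")

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [installOWASP]")
            print("0," + str(msg))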
示例#5
def saveModSecRules(request):
    """Stage ModSecurity rules posted by an admin and have the helper install them.

    The logged-in account is loaded from ``request.session['userID']``;
    accounts whose ``type`` is not 1 are refused. The posted ``modSecRules``
    text is written to ``modSec.tempRulesFile`` and ``plogical/modSec.py
    saveModSecRules`` is run through ``sudo``. The JSON reply carries
    ``saveStatus`` (1 or 0) and ``error_message``.
    """
    try:
        userID = request.session['userID']
        admin = Administrator.objects.get(pk=userID)
        try:
            if request.method == 'POST':

                if admin.type != 1:
                    denied = json.dumps(
                        {'saveStatus': 0, 'error_message': 'Not enough privileges.'})
                    return HttpResponse(denied)

                payload = json.loads(request.body)
                submittedRules = payload['modSecRules']

                # Stage the rule text for the privileged helper.
                # NOTE(review): this is one fixed path shared by every request;
                # confirm who may write to it, since the helper copies its
                # content into the live rule set.
                stagingFile = open(modSec.tempRulesFile, "w")
                stagingFile.write(submittedRules)
                stagingFile.close()

                # The command line is built from fixed parts only; no request
                # data reaches it.
                helperCommand = ("sudo python " + virtualHostUtilities.cyberPanel
                                 + "/plogical/modSec.py" + " saveModSecRules")
                output = subprocess.check_output(shlex.split(helperCommand))

                if "1,None" in output:
                    installUtilities.reStartLiteSpeed()
                    outcome = {'saveStatus': 1, 'error_message': "None"}
                else:
                    # The helper's raw output is returned to the client as-is.
                    outcome = {'saveStatus': 0, 'error_message': output}

                return HttpResponse(json.dumps(outcome))

        except BaseException as msg:
            failure = json.dumps({'saveStatus': 0, 'error_message': str(msg)})
            return HttpResponse(failure)

    except KeyError as msg:
        # No 'userID' in the session: the caller is not logged in.
        logging.CyberCPLogFileWriter.writeToFile(str(msg))
        failure = json.dumps({'saveStatus': 0, 'error_message': str(msg)})
        return HttpResponse(failure)
示例#6
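def enableDisableRuleFile(request):
    """Toggle one ModSecurity rule file on behalf of an admin.

    The logged-in account is loaded from ``request.session['userID']``;
    accounts whose ``type`` is not 1 are refused. The POST body supplies
    ``packName``, ``fileName`` and ``status``: a true ``status`` selects
    ``disableRuleFile``, anything else ``enableRuleFile``. The chosen
    sub-command of ``plogical/modSec.py`` is run through ``sudo``. The JSON
    reply carries ``saveStatus`` (1 or 0) and ``error_message``.
    """
    try:
        val = request.session['userID']
        admin = Administrator.objects.get(pk=val)
        try:
            if request.method == 'POST':

                if admin.type != 1:
                    final_dic = {'saveStatus': 0, 'error_message': 'Not enough privileges.'}
                    final_json = json.dumps(final_dic)
                    return HttpResponse(final_json)

                data = json.loads(request.body)

                packName = data['packName']
                fileName = data['fileName']
                currentStatus = data['status']

                # Both names come from the request and end up as arguments of a
                # script run through sudo. Accept only non-empty text that cannot
                # be read as an option, and keep fileName relative and free of
                # '..' so it cannot point outside the rules directory.
                textTypes = (str, type(u''))
                for value in (packName, fileName):
                    if (not isinstance(value, textTypes) or not value
                            or value.startswith('-')):
                        raise ValueError('Invalid rule pack or file name.')
                if fileName.startswith('/') or '..' in fileName:
                    raise ValueError('Invalid rule pack or file name.')

                if currentStatus == True:
                    functionName = 'disableRuleFile'
                else:
                    functionName = 'enableRuleFile'

                # Only the fixed prefix goes through shlex.split. Each request
                # value is appended as its own argv element, so embedded spaces
                # or quotes cannot introduce extra arguments.
                command = shlex.split(
                    "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py")
                command += [functionName,
                            '--packName', packName,
                            '--fileName', fileName]

                output = subprocess.check_output(command)

                if output.find("1,None") > -1:
                    installUtilities.reStartLiteSpeed()
                    data_ret = {'saveStatus': 1, 'error_message': "None"}
                    json_data = json.dumps(data_ret)
                    return HttpResponse(json_data)
                else:
                    data_ret = {'saveStatus': 0, 'error_message': output}
                    json_data = json.dumps(data_ret)
                    return HttpResponse(json_data)

        except BaseException as msg:
            data_ret = {'saveStatus': 0, 'error_message': str(msg)}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)
    except BaseException as msg:
        data_ret = {'saveStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)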
示例#7
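def deleteWebsite(request):
    """API endpoint: delete a website, its databases and its virtual-host config.

    The POST body supplies ``domainName``, ``adminUser`` and ``adminPass``.
    The credentials are checked with ``hashPassword.check_password``. The JSON
    reply carries ``websiteDeleteStatus`` (1 or 0) and ``error_message``.
    """
    try:
        if request.method == 'POST':
            data = json.loads(request.body)
            websiteName = data['domainName']
            adminUser = data['adminUser']
            adminPass = data['adminPass']

            denied = {
                "websiteDeleteStatus": 0,
                'error_message': "Could not authorize access to API"
            }

            # An unknown user name gets the same reply as a wrong password, so
            # the response text does not reveal which accounts exist.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                return HttpResponse(json.dumps(denied))

            if not hashPassword.check_password(admin.password, adminPass):
                return HttpResponse(json.dumps(denied))

            # NOTE(review): any account with valid credentials passes; nothing
            # here checks that it is an administrator or owns this website.

            # Resolve the domain in the database before touching the file
            # system, so a name that is not a known website never reaches the
            # configuration-deletion helper.
            delWebsite = Websites.objects.get(domain=websiteName)

            numberOfWebsites = Websites.objects.count()

            virtualHostUtilities.deleteVirtualHostConfigurations(
                websiteName, numberOfWebsites)

            databases = Databases.objects.filter(website=delWebsite)

            for items in databases:
                mysqlUtilities.deleteDatabase(items.dbName, items.dbUser)

            delWebsite.delete()

            installUtilities.reStartLiteSpeed()

            data_ret = {'websiteDeleteStatus': 1, 'error_message': "None"}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except BaseException as msg:
        data_ret = {'websiteDeleteStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)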
示例#8
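def installModSecRulesPack(request):
    """Run a rule-pack action of ``plogical/modSec.py`` on behalf of an admin.

    The logged-in account is loaded from ``request.session['userID']``;
    accounts whose ``type`` is not 1 are refused. The posted ``packName`` is
    handed to the script, run through ``sudo``, as its sub-command. The JSON
    reply carries ``installStatus`` (1 or 0) and ``error_message``.
    """
    try:
        val = request.session['userID']
        admin = Administrator.objects.get(pk=val)
        try:
            if request.method == 'POST':

                if admin.type != 1:
                    final_dic = {'installStatus': 0, 'error_message': 'Not enough privileges.'}
                    final_json = json.dumps(final_dic)
                    return HttpResponse(final_json)

                data = json.loads(request.body)

                packName = data['packName']

                # packName selects what a root-level script does, so it must be
                # a single bare word: letters, digits and underscores only.
                # NOTE(review): an explicit list of the permitted actions would
                # be tighter; the script's accepted values are not visible here.
                isText = isinstance(packName, (str, type(u'')))
                if not isText or not packName or not all(
                        ch.isalnum() or ch == '_' for ch in packName):
                    raise ValueError('Invalid rule pack action.')

                # Appended as one argv element instead of being concatenated
                # into the command string, so it cannot add further arguments.
                command = shlex.split(
                    "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py")
                command.append(packName)

                output = subprocess.check_output(command)

                if output.find("1,None") > -1:
                    installUtilities.reStartLiteSpeed()
                    data_ret = {'installStatus': 1, 'error_message': "None"}
                    json_data = json.dumps(data_ret)
                    return HttpResponse(json_data)
                else:
                    data_ret = {'installStatus': 0, 'error_message': output}
                    json_data = json.dumps(data_ret)
                    return HttpResponse(json_data)

        except BaseException as msg:
            data_ret = {'installStatus': 0, 'error_message': str(msg)}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except KeyError as msg:
        # No 'userID' in the session: the caller is not logged in.
        logging.CyberCPLogFileWriter.writeToFile(str(msg))
        data_ret = {'installStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)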
示例#9
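def submitWebsiteStatus(request):
    """API endpoint: suspend or unsuspend a website.

    The POST body supplies ``websiteName``, ``state``, ``adminUser`` and
    ``adminPass``. The credentials are checked with
    ``hashPassword.check_password``. A ``state`` of ``"Suspend"`` suspends the
    virtual host; any other value unsuspends it. The JSON reply carries
    ``websiteStatus`` (1 or 0) and ``error_message``.
    """
    try:
        if request.method == 'POST':
            data = json.loads(request.body)
            websiteName = data['websiteName']
            state = data['state']
            adminUser = data['adminUser']
            adminPass = data['adminPass']

            denied = {
                "websiteStatus": 0,
                'error_message': "Could not authorize access to API"
            }

            # An unknown user name gets the same reply as a wrong password, so
            # the response text does not reveal which accounts exist.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                return HttpResponse(json.dumps(denied))

            if not hashPassword.check_password(admin.password, adminPass):
                return HttpResponse(json.dumps(denied))

            # NOTE(review): any account with valid credentials passes; nothing
            # here checks that it is an administrator or owns this website.

            # The lookup fails for unknown domains before any helper is called.
            website = Websites.objects.get(domain=websiteName)

            # NOTE(review): every value other than "Suspend" re-activates the
            # site, including typos and missing-case values.
            if state == "Suspend":
                virtualHostUtilities.suspendVirtualHost(websiteName)
                installUtilities.reStartLiteSpeed()
                website.state = 0
            else:
                virtualHostUtilities.UnsuspendVirtualHost(websiteName)
                installUtilities.reStartLiteSpeed()
                website.state = 1

            website.save()

            data_ret = {'websiteStatus': 1, 'error_message': "None"}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except BaseException as msg:
        data_ret = {'websiteStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)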
示例#10
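def deleteWebsite(request):
    """API endpoint: delete a website, its databases and its virtual-host config.

    The POST body supplies ``domainName``, ``adminUser`` and ``adminPass``.
    The credentials are checked with ``hashPassword.check_password``. The JSON
    reply carries ``websiteDeleteStatus`` (1 or 0) and ``error_message``.
    """
    try:
        if request.method == 'POST':
            data = json.loads(request.body)
            websiteName = data['domainName']
            adminUser = data['adminUser']
            adminPass = data['adminPass']

            denied = {"websiteDeleteStatus": 0,
                      'error_message': "Could not authorize access to API"}

            # An unknown user name gets the same reply as a wrong password, so
            # the response text does not reveal which accounts exist.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                return HttpResponse(json.dumps(denied))

            if not hashPassword.check_password(admin.password, adminPass):
                return HttpResponse(json.dumps(denied))

            # NOTE(review): any account with valid credentials passes; nothing
            # here checks that it is an administrator or owns this website.

            # Resolve the domain in the database before touching the file
            # system, so a name that is not a known website never reaches the
            # configuration-deletion helper.
            delWebsite = Websites.objects.get(domain=websiteName)

            numberOfWebsites = Websites.objects.count()

            virtualHostUtilities.deleteVirtualHostConfigurations(websiteName, numberOfWebsites)

            databases = Databases.objects.filter(website=delWebsite)

            for items in databases:
                mysqlUtilities.deleteDatabase(items.dbName, items.dbUser)

            delWebsite.delete()

            installUtilities.reStartLiteSpeed()

            data_ret = {'websiteDeleteStatus': 1, 'error_message': "None"}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except BaseException as msg:
        data_ret = {'websiteDeleteStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)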
示例#11
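def submitWebsiteStatus(request):
    """API endpoint: suspend or unsuspend a website.

    The POST body supplies ``websiteName``, ``state``, ``adminUser`` and
    ``adminPass``. The credentials are checked with
    ``hashPassword.check_password``. A ``state`` of ``"Suspend"`` suspends the
    virtual host; any other value unsuspends it. The JSON reply carries
    ``websiteStatus`` (1 or 0) and ``error_message``.
    """
    try:
        if request.method == 'POST':
            data = json.loads(request.body)
            websiteName = data['websiteName']
            state = data['state']
            adminUser = data['adminUser']
            adminPass = data['adminPass']

            denied = {"websiteStatus": 0,
                      'error_message': "Could not authorize access to API"}

            # An unknown user name gets the same reply as a wrong password, so
            # the response text does not reveal which accounts exist.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                return HttpResponse(json.dumps(denied))

            if not hashPassword.check_password(admin.password, adminPass):
                return HttpResponse(json.dumps(denied))

            # NOTE(review): any account with valid credentials passes; nothing
            # here checks that it is an administrator or owns this website.

            # The lookup fails for unknown domains before any helper is called.
            website = Websites.objects.get(domain=websiteName)

            # NOTE(review): every value other than "Suspend" re-activates the
            # site, including typos and missing-case values.
            if state == "Suspend":
                virtualHostUtilities.suspendVirtualHost(websiteName)
                installUtilities.reStartLiteSpeed()
                website.state = 0
            else:
                virtualHostUtilities.UnsuspendVirtualHost(websiteName)
                installUtilities.reStartLiteSpeed()
                website.state = 1

            website.save()

            data_ret = {'websiteStatus': 1, 'error_message': "None"}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except BaseException as msg:
        data_ret = {'websiteStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)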
示例#12
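    def disableOWASP():
        """Remove the OWASP rule-set includes from the server config and restart.

        Every line of ``conf/httpd_config.conf`` that mentions ``modsec/owasp``
        is dropped and the web server is restarted.

        Prints ``1,None`` on success and ``0,<error>`` on failure.
        """
        try:
            confFile = os.path.join(virtualHostUtilities.Server_root,
                                    "conf/httpd_config.conf")

            # Read the whole file and close the handle before the same path is
            # reopened for writing.
            with open(confFile) as reader:
                confData = reader.readlines()

            kept = [line for line in confData
                    if line.find('modsec/owasp') == -1]

            # NOTE(review): the config is truncated in place, so a failure
            # part-way through leaves a partial server config. The context
            # manager at least guarantees the handle is flushed and closed.
            with open(confFile, 'w') as conf:
                conf.writelines(kept)

            installUtilities.reStartLiteSpeed()

            print("1,None")

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [disableOWASP]")
            print("0," + str(msg))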
示例#13
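def deleteWebsite(request):
    """API endpoint: delete a website with its child domains, databases and DNS zone.

    The POST body supplies ``domainName``, ``adminUser`` and ``adminPass``.
    The credentials are checked with ``hashPassword.check_password``. Virtual
    host configurations are removed by running
    ``plogical/virtualHostUtilities.py deleteVirtualHostConfigurations``
    through ``sudo``, once for the master domain and once per child domain.
    The JSON reply carries ``websiteDeleteStatus`` (1 or 0) and
    ``error_message``.
    """
    try:
        if request.method == 'POST':
            data = json.loads(request.body)
            websiteName = data['domainName']
            adminUser = data['adminUser']
            adminPass = data['adminPass']

            denied = {
                "websiteDeleteStatus": 0,
                'error_message': "Could not authorize access to API"
            }

            # An unknown user name gets the same reply as a wrong password, so
            # the response text does not reveal which accounts exist.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                return HttpResponse(json.dumps(denied))

            if not hashPassword.check_password(admin.password, adminPass):
                return HttpResponse(json.dumps(denied))

            # NOTE(review): any account with valid credentials passes; nothing
            # here checks that it is an administrator or owns this website.

            # Resolve the domain in the database first, so a request value that
            # is not a known website never reaches the sudo helper.
            delWebsite = Websites.objects.get(domain=websiteName)

            # Only the fixed prefix goes through shlex.split. Domain names are
            # appended as separate argv elements, so they cannot add arguments.
            helper = shlex.split(
                "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py")

            numberOfWebsites = str(Websites.objects.count() +
                                   ChildDomains.objects.count())

            ## Deleting master domain

            subprocess.check_output(helper + [
                "deleteVirtualHostConfigurations",
                "--virtualHostName", delWebsite.domain,
                "--numberOfSites", numberOfWebsites,
            ])

            databases = Databases.objects.filter(website=delWebsite)

            childDomains = delWebsite.childdomains_set.all()

            ## Deleting child domains

            for items in childDomains:
                numberOfWebsites = str(Websites.objects.count() +
                                       ChildDomains.objects.count())

                subprocess.check_output(helper + [
                    "deleteVirtualHostConfigurations",
                    "--virtualHostName", items.domain,
                    "--numberOfSites", numberOfWebsites,
                ])

            for items in databases:
                mysqlUtilities.deleteDatabase(items.dbName, items.dbUser)

            delWebsite.delete()

            # Best effort: a website without a DNS zone is not an error.
            try:
                delZone = Domains.objects.get(name=websiteName)
                delZone.delete()
            except BaseException:
                pass

            installUtilities.reStartLiteSpeed()

            data_ret = {'websiteDeleteStatus': 1, 'error_message': "None"}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except BaseException as msg:
        data_ret = {'websiteDeleteStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)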
示例#14
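def issueSSL(request):
    """Issue or re-install a Let's Encrypt certificate for a hosted domain.

    Requires ``userID`` in the session. The posted ``virtualHost`` must match a
    ``ChildDomains`` or ``Websites`` row. If no certificate exists under
    ``/etc/letsencrypt/live/<virtualHost>/`` one is requested through
    ``sslUtilities.obtainSSLForADomain``; otherwise the existing key and chain
    are copied to the virtual host's SSL directory. The JSON reply carries
    ``SSL`` (1 or 0) and ``error_message``.
    """
    try:
        # Only the presence of a session is checked.
        # NOTE(review): nothing here ties the logged-in user to virtualHost, so
        # any logged-in account can trigger issuance for any hosted domain.
        val = request.session['userID']
        try:
            if request.method == 'POST':

                data = json.loads(request.body)
                virtualHost = data['virtualHost']

                # The name must resolve to a known domain before it is used to
                # build any file-system path below.
                try:
                    website = ChildDomains.objects.get(domain=virtualHost)
                except BaseException:
                    website = Websites.objects.get(domain=virtualHost)

                srcPrivKey = "/etc/letsencrypt/live/" + virtualHost + "/privkey.pem"
                srcFullChain = "/etc/letsencrypt/live/" + virtualHost + "/fullchain.pem"

                pathToStoreSSL = virtualHostUtilities.Server_root + "/conf/vhosts/" + "SSL-" + virtualHost

                pathToStoreSSLPrivKey = pathToStoreSSL + "/privkey.pem"
                pathToStoreSSLFullChain = pathToStoreSSL + "/fullchain.pem"

                if os.path.exists(pathToStoreSSLPrivKey):
                    os.remove(pathToStoreSSLPrivKey)
                if os.path.exists(pathToStoreSSLFullChain):
                    os.remove(pathToStoreSSLFullChain)

                adminEmail = "email@" + virtualHost

                if not (os.path.exists(srcPrivKey)
                        and os.path.exists(srcFullChain)):
                    # NOTE(review): 'path' is taken from the request unchecked
                    # and handed to the issuance helper; confirm it is confined
                    # to the domain's own document root.
                    try:
                        path = data['path']
                    except BaseException:
                        path = "/home/" + virtualHost + "/public_html"

                    ssl_responce = sslUtilities.obtainSSLForADomain(
                        virtualHost, adminEmail, path)
                    if ssl_responce == 1:
                        sslUtilities.installSSLForDomain(virtualHost)
                        installUtilities.reStartLiteSpeed()
                        website.ssl = 1
                        website.save()
                        data_ret = {"SSL": 1, 'error_message': "None"}
                        json_data = json.dumps(data_ret)
                        return HttpResponse(json_data)

                    else:
                        data_ret = {
                            "SSL":
                            0,
                            'error_message':
                            str(ssl_responce) +
                            ", for more information see CyberCP main log file."
                        }
                        json_data = json.dumps(data_ret)
                        return HttpResponse(json_data)
                else:
                    ###### Copy SSL To config location ######

                    try:
                        os.mkdir(pathToStoreSSL)
                    except BaseException as msg:
                        logging.writeToFile(
                            str(msg) +
                            " [Directory for SSL already exists.. Continuing [obtainSSLForADomain]]"
                        )

                    # shutil.copy carries the source's permission bits over.
                    # NOTE(review): confirm the target directory is not readable
                    # by site users, since it now holds the private key.
                    shutil.copy(srcPrivKey, pathToStoreSSLPrivKey)
                    shutil.copy(srcFullChain, pathToStoreSSLFullChain)

                    website.ssl = 1
                    website.save()

                    sslUtilities.installSSLForDomain(virtualHost)
                    installUtilities.reStartLiteSpeed()

                    data_ret = {"SSL": 1, 'error_message': "None"}
                    json_data = json.dumps(data_ret)
                    return HttpResponse(json_data)

        except BaseException as msg:
            data_ret = {"SSL": 0, 'error_message': str(msg)}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)
    except KeyError as msg:
        # Bind the exception: without it str(msg) raised NameError for callers
        # with no session, turning the intended JSON error into a server error.
        data_ret = {"SSL": 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)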
示例#15
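def obtainHostNameSSL(request):
    """Issue or re-install a certificate for a website and use it for lscpd.

    Requires ``userID`` in the session. The posted ``virtualHost`` must match a
    ``Websites`` row. The certificate is obtained through
    ``sslUtilities.obtainSSLForADomain`` or taken from
    ``/etc/letsencrypt/live/<virtualHost>/`` if it already exists there. Key
    and chain are then copied to ``/usr/local/lscp/key.pem`` and
    ``/usr/local/lscp/cert.pem`` and ``lscpd`` is restarted. The JSON reply
    carries ``SSL`` (1 or 0) and ``error_message``.
    """
    try:
        # Only the presence of a session is checked.
        # NOTE(review): this replaces the lscpd key and certificate, yet no
        # privilege check is made on the logged-in account.
        val = request.session['userID']
        try:
            if request.method == 'POST':

                data = json.loads(request.body)
                virtualHost = data['virtualHost']

                # The name must resolve to a known website before it is used to
                # build any file-system path below.
                website = Websites.objects.get(domain=virtualHost)

                srcPrivKey = "/etc/letsencrypt/live/" + virtualHost + "/privkey.pem"
                srcFullChain = "/etc/letsencrypt/live/" + virtualHost + "/fullchain.pem"

                pathToStoreSSL = virtualHostUtilities.Server_root + "/conf/vhosts/" + "SSL-" + virtualHost

                pathToStoreSSLPrivKey = pathToStoreSSL + "/privkey.pem"
                pathToStoreSSLFullChain = pathToStoreSSL + "/fullchain.pem"

                destPrivKey = "/usr/local/lscp/key.pem"
                destCert = "/usr/local/lscp/cert.pem"

                ## removing old certs

                if os.path.exists(pathToStoreSSLPrivKey):
                    os.remove(pathToStoreSSLPrivKey)
                if os.path.exists(pathToStoreSSLFullChain):
                    os.remove(pathToStoreSSLFullChain)

                ## removing old certs for lscpd
                # NOTE(review): these files are deleted before issuance is known
                # to succeed; a failed request leaves lscpd without a key pair.
                if os.path.exists(destPrivKey):
                    os.remove(destPrivKey)
                if os.path.exists(destCert):
                    os.remove(destCert)

                adminEmail = "email@" + virtualHost

                if not (os.path.exists(srcPrivKey)
                        and os.path.exists(srcFullChain)):
                    path = "/home/" + virtualHost + "/public_html"
                    ssl_responce = sslUtilities.obtainSSLForADomain(
                        virtualHost, adminEmail, path)
                    if ssl_responce == 1:
                        sslUtilities.installSSLForDomain(virtualHost)
                        installUtilities.reStartLiteSpeed()
                        website.ssl = 1
                        website.save()

                        ## lcpd specific functions

                        shutil.copy(srcPrivKey, destPrivKey)
                        shutil.copy(srcFullChain, destCert)

                        # The exit status of the restart is not checked.
                        subprocess.call(
                            shlex.split('sudo systemctl restart lscpd'))

                        data_ret = {"SSL": 1, 'error_message': "None"}
                        json_data = json.dumps(data_ret)
                        return HttpResponse(json_data)

                    else:
                        data_ret = {
                            "SSL":
                            0,
                            'error_message':
                            str(ssl_responce) +
                            ", for more information see CyberCP main log file."
                        }
                        json_data = json.dumps(data_ret)
                        return HttpResponse(json_data)
                else:
                    ###### Copy SSL To config location ######

                    try:
                        os.mkdir(pathToStoreSSL)
                    except BaseException as msg:
                        logging.writeToFile(
                            str(msg) +
                            " [Directory for SSL already exists.. Continuing [obtainSSLForADomain]]"
                        )

                    shutil.copy(srcPrivKey, pathToStoreSSLPrivKey)
                    shutil.copy(srcFullChain, pathToStoreSSLFullChain)

                    ## lcpd specific functions

                    shutil.copy(srcPrivKey, destPrivKey)
                    shutil.copy(srcFullChain, destCert)

                    # The exit status of the restart is not checked.
                    subprocess.call(
                        shlex.split('sudo systemctl restart lscpd'))

                    website.ssl = 1
                    website.save()

                    data_ret = {"SSL": 1, 'error_message': "None"}
                    json_data = json.dumps(data_ret)
                    return HttpResponse(json_data)

        except BaseException as msg:
            data_ret = {"SSL": 0, 'error_message': str(msg)}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)
    except KeyError as msg:
        # Bind the exception: without it str(msg) raised NameError for callers
        # with no session, turning the intended JSON error into a server error.
        data_ret = {"SSL": 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)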
示例#16
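def saveModSecConfigurations(request):
    """Persist the ModSecurity settings posted by the panel UI.

    Reads a JSON body, renders one configuration directive per setting into a
    temporary file under /home/cyberpanel, and hands that file to
    ``plogical/modSec.py saveModSecConfigs`` (run through sudo). Always
    answers with JSON of the form ``{'saveStatus': 0|1, 'error_message': ...}``.

    Security-relevant behaviour:
      * Every rendered directive is rejected if it contains CR/LF, so a
        request value cannot smuggle extra directives into the server
        configuration or shift the line positions the helper relies on.
      * The hand-off file is created with mkstemp (unpredictable name,
        exclusive create, owner-only mode) instead of a 4-digit random name.

    NOTE(review): the only access check visible here is that the session
    carries 'userID'; confirm that an admin-level check happens elsewhere.
    NOTE(review): a non-POST request falls through and returns None.
    """
    try:
        # A missing session key raises KeyError, handled by the outer except.
        val = request.session['userID']
        try:
            if request.method == 'POST':
                # Local imports keep this block self-contained.
                import os
                import tempfile

                data = json.loads(request.body)

                modsecurity = data['modsecurity_status']
                SecAuditEngine = data['SecAuditEngine']
                SecRuleEngine = data['SecRuleEngine']
                SecDebugLogLevel = data['SecDebugLogLevel']
                SecAuditLogParts = data['SecAuditLogParts']
                SecAuditLogRelevantStatus = data['SecAuditLogRelevantStatus']
                SecAuditLogType = data['SecAuditLogType']

                # Order matters: the helper picks directives by line position.
                directives = [
                    "modsecurity  on" if modsecurity == True else "modsecurity  off",
                    "SecAuditEngine on" if SecAuditEngine == True else "SecAuditEngine off",
                    "SecRuleEngine On" if SecRuleEngine == True else "SecRuleEngine off",
                    "SecDebugLogLevel " + str(SecDebugLogLevel),
                    "SecAuditLogParts " + str(SecAuditLogParts),
                    "SecAuditLogRelevantStatus " + SecAuditLogRelevantStatus,
                    "SecAuditLogType " + SecAuditLogType,
                ]

                # Request-controlled values end up in the web server config;
                # a line break inside one would inject an additional directive.
                for directive in directives:
                    if "\n" in directive or "\r" in directive:
                        data_ret = {
                            'saveStatus': 0,
                            'error_message': "Invalid characters in ModSecurity configuration values."
                        }
                        return HttpResponse(json.dumps(data_ret))

                ## writing data temporary to file

                fd, tempConfigPath = tempfile.mkstemp(prefix="modsec-",
                                                      dir="/home/cyberpanel")
                try:
                    confPath = os.fdopen(fd, "w")
                    try:
                        for directive in directives:
                            confPath.write(directive + "\n")
                    finally:
                        confPath.close()

                    ## save configuration data

                    execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
                    execPath = execPath + " saveModSecConfigs --tempConfigPath " + tempConfigPath

                    output = subprocess.check_output(shlex.split(execPath))
                finally:
                    # Do not leave the hand-off file behind if the helper
                    # failed before consuming it.
                    try:
                        if os.path.exists(tempConfigPath):
                            os.remove(tempConfigPath)
                    except OSError:
                        pass

                if output.find("1,None") > -1:
                    installUtilities.reStartLiteSpeed()
                    data_ret = {'saveStatus': 1, 'error_message': "None"}
                else:
                    data_ret = {'saveStatus': 0, 'error_message': output}

                return HttpResponse(json.dumps(data_ret))

        except BaseException as msg:
            data_ret = {'saveStatus': 0, 'error_message': str(msg)}
            json_data = json.dumps(data_ret)
            return HttpResponse(json_data)

    except KeyError as msg:
        logging.CyberCPLogFileWriter.writeToFile(str(msg))
        data_ret = {'saveStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)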
示例#17
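def installStatusModSec(request):
    """Report ModSecurity installation progress from the installer log.

    Reads ``modSec.installLogPath`` and answers with JSON:
      * log contains "[200]": runs ``plogical/modSec.py installModSecConfigs``
        through sudo, restarts LiteSpeed and reports ``installed: 1`` (or
        ``installed: 0`` with an error if the helper did not print "1,None");
      * log contains "[404]": reports ``abort: 1, installed: 0``;
      * otherwise: reports ``abort: 0`` so the caller keeps polling.
    The log text is echoed back as ``requestStatus``.

    The log file is now closed deterministically via a ``with`` block.

    NOTE(review): the only access check visible here is that the session
    carries 'userID'; confirm that an admin-level check happens elsewhere,
    since this path runs a sudo helper and restarts the web server.
    NOTE(review): every POST that sees "[200]" re-runs the helper and the
    restart; verify the log is reset once installation has been reported.
    NOTE(review): a non-POST request falls through and returns None.
    """
    try:
        # A missing session key raises KeyError, handled by the outer except.
        val = request.session['userID']
        try:
            if request.method == 'POST':

                with open(modSec.installLogPath, "r") as logFile:
                    installStatus = unicode(logFile.read())

                if installStatus.find("[200]") > -1:

                    execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
                    execPath = execPath + " installModSecConfigs"

                    output = subprocess.check_output(shlex.split(execPath))

                    if output.find("1,None") == -1:
                        final_json = json.dumps({
                            'error_message':
                            "Failed to install ModSecurity configurations.",
                            'requestStatus': installStatus,
                            'abort': 1,
                            'installed': 0,
                        })
                        return HttpResponse(final_json)

                    installUtilities.reStartLiteSpeed()

                    final_json = json.dumps({
                        'error_message': "None",
                        'requestStatus': installStatus,
                        'abort': 1,
                        'installed': 1,
                    })
                    return HttpResponse(final_json)

                if installStatus.find("[404]") > -1:
                    final_json = json.dumps({
                        'abort': 1,
                        'installed': 0,
                        'error_message': "None",
                        'requestStatus': installStatus,
                    })
                    return HttpResponse(final_json)

                # Neither marker present: installation still in progress.
                final_json = json.dumps({
                    'abort': 0,
                    'error_message': "None",
                    'requestStatus': installStatus,
                })
                return HttpResponse(final_json)

        except BaseException as msg:
            final_dic = {'abort': 1, 'installed': 0, 'error_message': str(msg)}
            final_json = json.dumps(final_dic)
            return HttpResponse(final_json)
    except KeyError:
        final_dic = {
            'abort': 1,
            'installed': 0,
            'error_message':
            "Not Logged In, please refresh the page or login again."
        }
        final_json = json.dumps(final_dic)
        return HttpResponse(final_json)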
示例#18
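def createWebsite(request):
    """API endpoint: create a website and its owner account.

    Expects a JSON POST body with adminUser, adminPass, domainName,
    ownerEmail, packageName, websiteOwner and ownerPassword. Always answers
    with JSON carrying 'createWebSiteStatus', 'existsStatus' and
    'error_message'.

    Changes compared with the earlier flow:
      * The admin credentials are verified before any lookup on the domain,
        so an unauthenticated caller no longer learns whether a website
        exists, and an unknown adminUser is reported as an authorization
        failure.
      * deleteVirtualHostConfigurations() is only called from the error
        handler once provisioning for this request has started. Previously
        any exception (bad JSON, missing key, unknown admin user) reached the
        handler and triggered that cleanup for the caller-supplied domain
        before authentication, or failed on an unbound ``domain``.

    NOTE(review): ``domain`` is used to build a path under /home; whether the
    virtualHostUtilities helpers validate it is not visible here - confirm.
    NOTE(review): any Administrator record whose password matches is
    accepted; no role check is visible here - confirm this is intended.
    NOTE(review): a non-POST request falls through and returns None.
    """

    def respond(created, exists, message):
        # Single place that shapes the JSON answer.
        return HttpResponse(json.dumps({
            'createWebSiteStatus': created,
            'error_message': message,
            "existsStatus": exists
        }))

    def rollback():
        # Remove whatever virtual host configuration was written so far.
        numberOfWebsites = Websites.objects.count() + ChildDomains.objects.count()
        virtualHostUtilities.deleteVirtualHostConfigurations(
            domain, numberOfWebsites)

    domain = None
    provisioningStarted = False

    try:
        if request.method == 'POST':

            data = json.loads(request.body)

            adminUser = data['adminUser']
            adminPass = data['adminPass']
            domain = data['domainName']
            adminEmail = data['ownerEmail']
            packageName = data['packageName']
            websiteOwner = data['websiteOwner']
            ownerPassword = data['ownerPassword']

            # Authenticate first; nothing about the domain is revealed or
            # touched for callers that fail this check.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                admin = None

            if admin is None or not hashPassword.check_password(
                    admin.password, adminPass):
                return respond(0, 0, "Could not authorize access to API")

            if Websites.objects.filter(domain=domain).exists():
                return respond(0, 0, "Website Already Exists")

            phpSelection = "PHP 7.0"

            if adminEmail is None:
                adminEmail = "*****@*****.**"

            # Best effort: the owner account may already exist. In that case
            # the supplied ownerPassword is ignored and the existing account
            # is looked up again further down.
            try:
                websiteOwn = Administrator(
                    userName=websiteOwner,
                    password=hashPassword.hash_password(ownerPassword),
                    email=adminEmail,
                    type=3,
                    owner=admin.pk,
                    initWebsitesLimit=1)
                websiteOwn.save()
            except BaseException as msg:
                pass

            if virtualHostUtilities.checkIfVirtualHostExists(domain) == 1:
                return respond(
                    0, 1,
                    "This domain already exists in Litespeed Configurations, first delete the domain to perform sweap."
                )

            # From here on configuration for this domain is being written,
            # so a failure has to undo it.
            provisioningStarted = True

            if virtualHostUtilities.createDirectoryForVirtualHost(
                    domain, adminEmail, phpSelection) != 1:
                rollback()
                return respond(
                    0, 1,
                    "Can not create configurations, see CyberCP main log file.")

            if virtualHostUtilities.createConfigInMainVirtualHostFile(
                    domain) != 1:
                rollback()
                return respond(
                    0, 1,
                    "Can not create configurations, see CyberCP main log file.")

            installUtilities.reStartLiteSpeed()

            selectedPackage = Package.objects.get(packageName=packageName)

            websiteOwn = Administrator.objects.get(userName=websiteOwner)

            website = Websites(admin=websiteOwn,
                               package=selectedPackage,
                               domain=domain,
                               adminEmail=adminEmail,
                               phpSelection=phpSelection,
                               ssl=0)

            website.save()

            shutil.copy("/usr/local/CyberCP/index.html",
                        "/home/" + domain + "/public_html/index.html")

            return respond(1, 0, "None")

    except BaseException as msg:
        if provisioningStarted:
            rollback()
        return respond(0, 0, str(msg))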
示例#19
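    def installComodo():
        """Install the Comodo ModSecurity rule set and restart LiteSpeed.

        On OpenLiteSpeed the rules are fetched by modSec.setupComodoRules()
        and one ``modsecurity_rules_file`` include per Comodo file is added to
        httpd_config.conf right after the line that references
        /usr/local/lsws/conf/modsec/rules.conf. On other servers the vendor
        archive is downloaded with wget and unpacked into <Server_root>/conf.
        Progress is reported on stdout as "1,None" or "0,<reason>".

        Changes compared with the earlier flow:
          * Any non-zero wget exit status is treated as a failed download
            (previously only status 1 was), and the failure is reported on
            stdout like the OpenLiteSpeed branch does.
          * A failed unzip is reported instead of being ignored.
          * The new httpd_config.conf content is assembled in memory before
            the file is opened for writing.

        NOTE(review): the archive is fetched over HTTPS but not checked
        against a pinned checksum or signature before it is unpacked into the
        server configuration directory; consider verifying it.
        NOTE(review): running this twice appends the include lines again;
        confirm callers disable the rule set before reinstalling.
        """
        try:

            if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
                if modSec.setupComodoRules() == 0:
                    print('0, Unable to download Comodo Rules.')
                    return

                owaspRulesConf = """modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/modsecurity.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/00_Init_Initialization.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/01_Init_AppsInitialization.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/02_Global_Generic.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/03_Global_Agents.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/04_Global_Domains.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/05_Global_Backdoor.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/06_XSS_XSS.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/07_Global_Other.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/08_Bruteforce_Bruteforce.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/09_HTTP_HTTP.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/10_HTTP_HTTPDoS.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/11_HTTP_Protocol.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/12_HTTP_Request.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/13_Outgoing_FilterGen.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/14_Outgoing_FilterASP.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/15_Outgoing_FilterPHP.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/16_Outgoing_FilterSQL.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/17_Outgoing_FilterOther.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/18_Outgoing_FilterInFrame.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/19_Outgoing_FiltersEnd.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/20_PHP_PHPGen.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/21_SQL_SQLi.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/22_Apps_Joomla.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/23_Apps_JComponent.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/24_Apps_WordPress.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/25_Apps_WPPlugin.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/26_Apps_WHMCS.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/27_Apps_Drupal.conf
    modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/28_Apps_OtherApps.conf
    """

                confFile = os.path.join(virtualHostUtilities.Server_root,
                                        "conf/httpd_config.conf")

                with open(confFile) as conf:
                    confData = conf.readlines()

                # Build the full replacement first so the live config is only
                # truncated once the new content is ready.
                newConf = []
                for items in confData:
                    newConf.append(items)
                    if items.find(
                            '/usr/local/lsws/conf/modsec/rules.conf') > -1:
                        newConf.append(owaspRulesConf)

                with open(confFile, 'w') as conf:
                    conf.writelines(newConf)

                installUtilities.reStartLiteSpeed()
                print("1,None")
                return
            else:
                if os.path.exists('/usr/local/lsws/conf/comodo_litespeed'):
                    shutil.rmtree('/usr/local/lsws/conf/comodo_litespeed')

                extractLocation = os.path.join(
                    virtualHostUtilities.Server_root, "conf")

                # Drop a stale archive from the working directory so wget
                # does not save the new one under a different name.
                if os.path.exists('cpanel_litespeed_vendor'):
                    os.remove('cpanel_litespeed_vendor')

                command = "wget https://waf.comodo.com/api/cpanel_litespeed_vendor"
                result = subprocess.call(shlex.split(command))

                # wget signals failure with any non-zero status, not just 1.
                if result != 0:
                    print('0, Unable to download Comodo Rules.')
                    return 0

                command = "unzip cpanel_litespeed_vendor -d " + extractLocation
                result = subprocess.call(shlex.split(command))

                # unzip uses status 1 for warnings with extraction completed.
                if result not in (0, 1):
                    print('0, Unable to extract Comodo Rules.')
                    return 0

                command = 'sudo chown -R lsadm:lsadm /usr/local/lsws/conf'
                subprocess.call(shlex.split(command))

                installUtilities.reStartLiteSpeed()
                print("1,None")
                return

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [installComodo]")
            print("0," + str(msg))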
示例#20
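    def saveModSecConfigs(tempConfigPath):
        """Apply ModSecurity directives from a hand-off file to the server config.

        Reads ``tempConfigPath`` (one directive per line), deletes it, then
        replaces every line of the server configuration that contains one of
        the known directive names with the corresponding hand-off line, and
        restarts LiteSpeed. On OpenLiteSpeed the target is
        conf/httpd_config.conf and seven lines are used; otherwise the target
        is conf/modsec.conf and six lines are used. The result is reported on
        stdout as "1,None" or "0,<reason>".

        The replacement content is now assembled in memory before the config
        file is opened for writing. Previously the file was truncated first,
        so a short hand-off file (IndexError) left the server configuration
        partially written.

        NOTE(review): ``tempConfigPath`` is read and then removed without any
        check on where it points; callers must only pass a path they created
        themselves.
        NOTE(review): lines are matched by substring, so a comment that
        mentions a directive name is replaced as well.
        NOTE(review): the non-OpenLiteSpeed branch takes SecAuditEngine from
        line 0; confirm the writer of the hand-off file omits the
        ``modsecurity`` line for that server type.
        """
        try:

            with open(tempConfigPath) as handOff:
                data = handOff.readlines()
            os.remove(tempConfigPath)

            # (substring to look for, index of the replacement line in data),
            # checked in this order; the first match wins.
            if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
                confFile = os.path.join(virtualHostUtilities.Server_root,
                                        "conf/httpd_config.conf")
                replacements = [
                    ('modsecurity ', 0),
                    ('SecAuditEngine ', 1),
                    ('SecRuleEngine ', 2),
                    ('SecDebugLogLevel', 3),
                    ('SecAuditLogRelevantStatus ', 5),
                    ('SecAuditLogParts ', 4),
                    ('SecAuditLogType ', 6),
                ]
            else:
                confFile = os.path.join(virtualHostUtilities.Server_root,
                                        "conf/modsec.conf")
                replacements = [
                    ('SecAuditEngine ', 0),
                    ('SecRuleEngine ', 1),
                    ('SecDebugLogLevel', 2),
                    ('SecAuditLogRelevantStatus ', 4),
                    ('SecAuditLogParts ', 3),
                    ('SecAuditLogType ', 5),
                ]

            with open(confFile) as conf:
                confData = conf.readlines()

            # An IndexError here reaches the handler below while the config
            # file on disk is still untouched.
            newConf = []
            for items in confData:
                for marker, index in replacements:
                    if items.find(marker) > -1:
                        newConf.append(data[index])
                        break
                else:
                    newConf.append(items)

            with open(confFile, 'w') as conf:
                conf.writelines(newConf)

            installUtilities.reStartLiteSpeed()

            print("1,None")
            return

        except BaseException as msg:
            logging.CyberCPLogFileWriter.writeToFile(
                str(msg) + "  [saveModSecConfigs]")
            print("0," + str(msg))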
示例#21
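def createWebsite(request):
    """API endpoint: create a website and its owner account.

    Expects a JSON POST body with adminUser, adminPass, domainName,
    ownerEmail, packageName, websiteOwner and ownerPassword. Always answers
    with JSON carrying 'createWebSiteStatus', 'existsStatus' and
    'error_message'.

    Changes compared with the earlier flow:
      * The admin credentials are verified before any lookup on the domain,
        so an unauthenticated caller no longer learns whether a website
        exists, and an unknown adminUser is reported as an authorization
        failure.
      * deleteVirtualHostConfigurations() is only called from the error
        handler once provisioning for this request has started. Previously
        any exception (bad JSON, missing key, unknown admin user) reached the
        handler and triggered that cleanup for the caller-supplied domain
        before authentication, or failed on an unbound ``domain``.

    NOTE(review): ``domain`` is used to build a path under /home; whether the
    virtualHostUtilities helpers validate it is not visible here - confirm.
    NOTE(review): any Administrator record whose password matches is
    accepted; no role check is visible here - confirm this is intended.
    NOTE(review): a non-POST request falls through and returns None.
    """

    def respond(created, exists, message):
        # Single place that shapes the JSON answer.
        return HttpResponse(json.dumps({'createWebSiteStatus': created,
                                        'error_message': message,
                                        "existsStatus": exists}))

    def rollback():
        # Remove whatever virtual host configuration was written so far.
        numberOfWebsites = Websites.objects.count()+ChildDomains.objects.count()
        virtualHostUtilities.deleteVirtualHostConfigurations(domain, numberOfWebsites)

    domain = None
    provisioningStarted = False

    try:
        if request.method == 'POST':

            data = json.loads(request.body)

            adminUser = data['adminUser']
            adminPass = data['adminPass']
            domain = data['domainName']
            adminEmail = data['ownerEmail']
            packageName = data['packageName']
            websiteOwner = data['websiteOwner']
            ownerPassword = data['ownerPassword']

            # Authenticate first; nothing about the domain is revealed or
            # touched for callers that fail this check.
            try:
                admin = Administrator.objects.get(userName=adminUser)
            except Administrator.DoesNotExist:
                admin = None

            if admin is None or not hashPassword.check_password(admin.password, adminPass):
                return respond(0, 0, "Could not authorize access to API")

            if Websites.objects.filter(domain=domain).exists():
                return respond(0, 0, "Website Already Exists")

            phpSelection = "PHP 7.0"

            if adminEmail is None:
                adminEmail = "*****@*****.**"

            # Best effort: the owner account may already exist. In that case
            # the supplied ownerPassword is ignored and the existing account
            # is looked up again further down.
            try:
                websiteOwn = Administrator(userName=websiteOwner, password=hashPassword.hash_password(ownerPassword),
                                           email=adminEmail, type=3, owner=admin.pk,
                                           initWebsitesLimit=1)
                websiteOwn.save()
            except BaseException as msg:
                pass

            if virtualHostUtilities.checkIfVirtualHostExists(domain) == 1:
                return respond(0, 1, "This domain already exists in Litespeed Configurations, first delete the domain to perform sweap.")

            # From here on configuration for this domain is being written,
            # so a failure has to undo it.
            provisioningStarted = True

            if virtualHostUtilities.createDirectoryForVirtualHost(domain, adminEmail, phpSelection) != 1:
                rollback()
                return respond(0, 1, "Can not create configurations, see CyberCP main log file.")

            if virtualHostUtilities.createConfigInMainVirtualHostFile(domain) != 1:
                rollback()
                return respond(0, 1, "Can not create configurations, see CyberCP main log file.")

            installUtilities.reStartLiteSpeed()

            selectedPackage = Package.objects.get(packageName=packageName)

            websiteOwn = Administrator.objects.get(userName=websiteOwner)

            website = Websites(admin=websiteOwn, package=selectedPackage, domain=domain, adminEmail=adminEmail,
                               phpSelection=phpSelection, ssl=0)

            website.save()

            shutil.copy("/usr/local/CyberCP/index.html", "/home/" + domain + "/public_html/index.html")

            return respond(1, 0, "None")

    except BaseException as msg:
        if provisioningStarted:
            rollback()
        return respond(0, 0, str(msg))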